package org.example;

import com.mysql.jdbc.Driver;

import java.sql.*;

public class JdbcLoginCode1 {
    static Connection con;
    static {
        try {
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(e);
        }
        try {
            con= DriverManager.getConnection("jdbc:mysql://121.41.77.32:3306/school_demo?useSSL=False","root","123456");
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }
    }
    public static boolean login(String name,String password) throws SQLException {
        String sql = "select * from user_config where users = '" + name + "' and passwords = md5('" + password + "')";
        Statement statement = con.createStatement();
        ResultSet resultSet = statement.executeQuery(sql);
        if(resultSet.next()){
            statement.close();
            return true;
        }else {
            statement.close();
            return false;
        }
    }

    public static void main(String[] args) throws SQLException {
        // sql注入方式不安全
        boolean res = login("shengzai","')or('1'='1");
            if(res){
                System.out.println("登陆成功");
            }else {
                System.out.println("登陆失败");
            }
            con.close();
        }
    }



